Paper 2025/506
On the Estonian Internet Voting System, IVXV, SoK and Suggestions
Abstract
The Estonian i-voting experience is probably the richest to analyze; a country that is considered a pioneer in digitizing both the government and private sector since 2001, and hence digital voting in 2005, yet there are still some complaints submitted, critics and remarks to consider about the IVXV system. In this paper, we introduce a Systemization of Knowledge of the Estonian IVXV i-voting system and propose some added security enhancements. The presented SoK includes applications implemented by election observers in 2023 & 2024 elections, which, to our knowledge, has never been mentioned and/or analyzed in the academia before. The paper also updates the general knowledge about an extra right given to auditors (but not observers) in the June 2024 European election, recent improvements, and recent complaints. Finally, we discuss the current system status in 2024 EP elections, propose our own suggestions to some remaining vulnerabilities, then raise the inevitable question of the approaching quantum threat.
Note: 29/4/2025 this is probably the final extended version, further edits would be only to omit unnecessary details or correct writing errors
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- IVXVEl-Gamal Encryptionrange proofsVerkle Treesvote buyingcounted as-casteduniversal verifiability.
- Contact author(s)
- shar academic @ gmail com
- History
- 2025-04-29: last of 4 revisions
- 2025-03-17: received
- See all versions
- Short URL
- https://ia.cr/2025/506
- License
-
CC BY-NC
BibTeX
@misc{cryptoeprint:2025/506,
author = {Shymaa M. Arafat},
title = {On the Estonian Internet Voting System, {IVXV}, {SoK} and Suggestions},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/506},
year = {2025},
url = {https://eprint.iacr.org/2025/506}
}
